1. Field of the Invention
This invention generally relates to the field of access control of content and more specifically to persistent access control of content.
2. Description of Related Art
As the use of the Internet has increased over recent years, so has the exchange of information and ideas. File sharing, in particular, has enjoyed increasing popularity over the last few years. However, the growth of the Internet has posed some interesting obstacles in the field of access control of protected content. As users increasingly send and receive files quickly and in great quantities, access control can take a back seat to the free flow of information. Early approaches to the problem involved control over the acquisition of the content. However, this approach lacked the exercise of control over the content once the content was acquired by a user. As a result, new approaches have emerged for protecting the use of content.
A well-known approach to the problem of protected content is described in FIG. 1. FIG. 1 is a block diagram illustrating the overall system architecture of a prior art protected content system. FIG. 1 is directed towards a Business-to-Consumer (B-to-C) paradigm. A content provider 102 creates content and interacts with store 112, via network 110, for the creation of an access control policy associated with the content. The content is then wrapped in an encrypted content file that includes the access control policy created. The content file is then stored in a data storage server 104. In addition, store 112 interacts with clearinghouse 108, via network 110, to promulgate the proper authorization for access to the content.
Subsequently, a client 106 acquires the content file by interacting with store 112 and receiving the content file from the store 112 or the data storage server 104. Then, the client 106 attempts to acquire access to the content in the content file by interacting with the clearinghouse 108 and obtaining authorization to access the content. The clearinghouse 108 determines whether the client 106 has authorization to access the content in the content file by accessing the access control policy embedded in the content file.
This approach is tailored to the B-to-C market place, where the access control policy is embedded in the content file and any changes to the access control policy requires changes to each content file. Also, since the access control policy is embedded in the content file, there is no interaction required with the content owner. Thus, once a client 106 has downloaded a content file, the content owner no longer has the power to regulate access control. In addition, this approach is directed to a B-to-C paradigm, as opposed to a Business-to-Business (B-to-B) paradigm. As the number of company networks increases, there is a need for an access control policy system that can be implemented over a LAN or WAN.
Another solution to the problem of protected content is the B-to-B paradigm. A B-to-B network includes a system-wide solution to controlling access to protected content. Typically, a server information processing system on a company LAN or WAN controls access to protected content on client systems. In this system, a client application executes on the computer systems of clients, which communicates with the server system and allows access to protected content in accordance with access control policies issued by the server system. Examples of such a system is the PageRecall application produced by Authentica Inc. of Waltham, Massachusetts, and the Enterprise 3.0 application produced by Alchemedia Inc. of Grapevine, Calif. Although these applications are useful for protecting content, they do have their shortcomings. The PageRecall application requires each piece of content to be registered with an administering server. This can be a problem when there no network connection available to a user. In addition, the PageRecall application converts all documents to a Portable Document Format (PDF) file in order to maintain content as read-only. This is disadvantageous as it does not allow for editing of content.
Therefore a need exists to overcome the problems with the prior art as discussed above, and particularly for a way to control access to protected content once the protected content is located at a client system.